package com.xt.mes.controller;

import com.xt.mes.common.Response;
import com.xt.mes.config.shiro.CustomToken;
import com.xt.mes.pojo.User;
import com.xt.mes.util.AesUtils;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.Subject;
import org.springframework.web.bind.annotation.*;

import java.util.HashMap;
import java.util.Map;

@RestController
public class UserLoginController {


//    @Autowired
//    private RoleMapper roleMapper;



    @PostMapping(value = "/login")
    public Response login(@RequestParam("workNumber")  String workNumber
                    , @RequestParam("password") String password
                     ){
        String msg="";
        Map<String, Object> map = new HashMap<>();
        Subject subject = SecurityUtils.getSubject();
        Object obj = subject.getSession().removeAttribute("userlogin");
        if(obj != null)
            subject.logout();
        String pwd = AesUtils.getPwd(password); //解密
        CustomToken token = new CustomToken(workNumber,pwd);
        map.put("status",0);
        if (!subject.isAuthenticated()){
            try {
                subject.login(token);
                User customerInfo = (User) subject.getPrincipal();
                Session session = subject.getSession();
                customerInfo.setPassword("");
//                customerInfo.setGuid(pwd.length()+"");
                //将用户的角色带出
//                Map roleMap=roleMapper.getStringRolesList(Long.parseLong(customerInfo.getUserId()));
//                if(roleMap!=null && roleMap.get("ROLEID")!=null && StringUtils.isNotBlank(roleMap.get("ROLEID").toString())) {
//                    customerInfo.setRoleId(roleMap.get("ROLEID").toString());
//                    customerInfo.setRoleName(roleMap.get("ROLENAME").toString());
//                    customerInfo.setRoleCode(roleMap.get("ROLECODE")==null?"":roleMap.get("ROLECODE").toString());
//                }
                session.setAttribute("userlogin", customerInfo);
                map.put("role", "admin");
                map.put("token", subject.getSession().getId());
                map.put("msg", "登录成功");
                return new Response().success(map);
            } catch (IncorrectCredentialsException e) {
                msg= "密码错误";
            } catch (LockedAccountException e) {
                msg="登录失败，该用户已被冻结";
            } catch (AuthenticationException e) {
                msg="该用户不存在";
            } catch (Exception e) {
                msg="未知错误";
            }
        }
        return new Response().error(msg);
    }

    @RequestMapping(value="/islogin")
    public Response islogin(){
        Subject subject = SecurityUtils.getSubject();
        Object obj = subject.getSession().getAttribute("userlogin");
        if(obj == null)
            return new Response().error("尚未登录");
        return  new Response().success(obj);

    }


    @RequestMapping("/loginout")
    public Response loginout(){
        Subject subject = SecurityUtils.getSubject();
        Object obj = subject.getSession().getAttribute("userlogin");
        if(obj == null)
            return new Response().error("您还未登录");
        subject.logout();
        subject.getSession().removeAttribute("userlogin");
        return new Response().success("账号退出成功");

    }

    @GetMapping(value = "/unauth")
    public Object unauth() {
        return new Response().error("未登录");
    }


    @GetMapping(value = "/notRole")
    public Response notRole() {
        return new Response().error("没有权限");
    }
}
